FBI Warns of North Korean Social Engineering Tactics and Recruitment/Hiring of IT Workers

Oct 25, 2023 2:29:42 PM By Stu Sjouwerman

The U.S. Federal Bureau of Investigation (FBI) and South Korea’s Ministry of Foreign Affairs have issued an advisory offering guidance to “the international community, the private sector, ...

Leadership Less Involved in Cyber-Preparedness Despite a Majority of Orgs Thinking Data Loss from a Cyber Attack Likely in the Next 12 Months

Oct 24, 2023 4:37:42 PM By Stu Sjouwerman

You probably expect executive leadership to not just support cybersecurity efforts, but to be involved. New data shows organizations have a way to go until this is a reality.

Most Organizations Believe Malicious Use of AI is Close to Evading Detection

Oct 24, 2023 4:37:22 PM By Stu Sjouwerman

As organizations continue to believe the malicious use of artificial intelligence (AI) will outpace its defensive use, new data focused on the future of AI in cyber attacks and defenses ...

A Brief History of Phishing, and Other Forms of Social Engineering

Oct 23, 2023 10:23:52 AM By Stu Sjouwerman

Social engineering attacks have a very long history, though the Internet has made it easier to launch these attacks en masse, according to Sean McNee at DomainTools. McNee points to an ...

Phishing-as-a-Service: As Simple As Uploading A Logo

Oct 19, 2023 10:36:00 AM By Stu Sjouwerman

Researchers at Fortra are tracking “Strox,” one of the most popular phishing operations of the past two years. Users of Strox phishing kits can easily create phishing campaigns by simply ...

Phishing Attacks Surge By 173% In Q3, 2023; Malware Threats Soar By 110%

Oct 18, 2023 2:30:05 PM By Stu Sjouwerman

A new report from Vade Secure has found that phishing attacks rose by 173% in the third quarter of 2023, while malware threats have increased by 110%.

Summit Sabotage: Malicious Phishing Campaign Hits Female Political Leaders Using Social Engineering

Oct 17, 2023 2:40:52 PM By Stu Sjouwerman

A threat actor dubbed “Void Rabisu” used social engineering to target attendees of the Women Political Leaders (WPL) Summit that was held in Brussels from June 7 to 8, 2023, Trend Micro ...

Phishing Tests Start The Virtuous Cycle Of A Strong Security Culture

Oct 17, 2023 7:00:06 AM By Stu Sjouwerman

Phishing tests are the catalyst to achieve a sustainable security culture within your organization. They are actually the start of a virtuous cycle that helps you move up to the highest ...

9 in 10 CISOs Report at Least One Disruptive Cyberattack in the Last Year

Oct 13, 2023 4:52:41 PM By Stu Sjouwerman

A new report sheds light on whether CISOs have been the victim of a cyber attacks, if they're every paid a ransom, their greatest cyber concerns, and much more.

60% of Organizations are Very Concerned About the Potential Impact of Ransomware Attacks

Oct 13, 2023 4:52:35 PM By Stu Sjouwerman

As the number of reported ransomware attacks increases, new data provides a fresh look at how ready organizations are for ransomware attacks.

53% of Organizations Experienced Cyber Attacks

Oct 13, 2023 4:52:30 PM By Stu Sjouwerman

As increasing percentages of businesses experience cyberattacks, new data provides details on where the most organizational risk lies.

New Research: Phishing Remains the Most Popular Technique for Bad Actors

Oct 12, 2023 12:11:26 PM By Stu Sjouwerman

A report from Trustwave notes that phishing remains one of the most popular and effective techniques for attackers to gain access to organizations.

Harvested Credentials Are Put Up for Sale Monthly on the Dark Web at a Rate of 10,000 a Month

Oct 12, 2023 8:01:59 AM By Stu Sjouwerman

Credential harvesting has become a business in and of itself within the cybercrime economy. New insight from Microsoft details the types of attacks your organization should watch out for.

Business Email Compromise Attempts Skyrocket in the Last Year

Oct 12, 2023 8:01:44 AM By Stu Sjouwerman

Threat actors launched 156,000 business email compromise (BEC) attempts per day between April 2022 and April 2023, according to Microsoft’s latest Digital Defense Report. While most of ...

[INFOGRAPHIC] KnowBe4’s SecurityCoach: Top 10 Integrations

Oct 12, 2023 8:00:00 AM By Stu Sjouwerman

Real-time security coaching helps improve your organization’s security culture by enabling real-time coaching of your users in response to risky security behaviors.

Smishing Triad Threat Actor Sets Its Sights on the UAE

Oct 10, 2023 4:05:50 PM By Stu Sjouwerman

Resecurity warns that the Smishing Triad threat actor has “vastly expanded its attack footprint” in the United Arab Emirates (UAE).

Ransomware Attack Dwell Time Drops by 77% to Under 24 Hours

Oct 9, 2023 8:17:46 AM By Stu Sjouwerman

As attackers evolve their toolsets and processes, the significant drop in dwell time signifies a much higher risk to organizations that now have less time to detect and respond to initial ...

One Out of Five Organizations Must Improve Their Security Posture to be Eligible for Cyber Insurance

Oct 9, 2023 8:16:12 AM By Stu Sjouwerman

As insurers become more educated on what a “secure organization” looks like, they are tightening their requirements that puts the onus on organizations to be more secure.

Energy Sector Experiences Three Times More Operational Technology Cybersecurity Incidents Than Any Other Industry

Oct 9, 2023 8:14:04 AM By Stu Sjouwerman

While industries like financial services and healthcare tend to dominate in IT attacks, the tables are turned when looking at Operational Technology (OT) cyber attacks – and the energy ...

Senior Executives Beware: The Rise of EvilProxy Phishing Campaigns

Oct 5, 2023 8:20:01 AM By Stu Sjouwerman

Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial ...

Security Awareness Training Blog

View Topics